Pavel Moravec created QPID-5565:
-----------------------------------
Summary: [C++ broker] ACL queue create rules to take zero as
unlimited value
Key: QPID-5565
URL: https://issues.apache.org/jira/browse/QPID-5565
Project: Qpid
Issue Type: Bug
Components: C++ Broker
Reporter: Pavel Moravec
Assignee: Pavel Moravec
Priority: Minor
When declaring queue with e.g. qpid.max_size=0, the zero is interpreted as "no
limit in queue depth". While ACLs deal with zero as "queue depth is zero".
Therefore:
1) ACL rule like:
acl allow all create queue queuemaxsizelowerlimit=10
is not matched
2) ACL rule like:
acl allow all create queue queuemaxsizeupperlimit=1000
is matched.
While both is wrong.
The same applies to any numerically-compared properties of ACL queue create
rule, specifically to:
acl::PROP_MAXPAGES
acl::PROP_MAXPAGEFACTOR
acl::PROP_MAXQUEUECOUNT
acl::PROP_MAXQUEUESIZE
acl::PROP_MAXFILECOUNT
acl::PROP_MAXFILESIZE
There are two approaches how to fix it:
1) in Broker.cpp, before calling ACL to authorize queue creation, replace zero
value by 9223372036854775807 (as hardcoded maximum for ACL numerical value; see
src/tests/Variant.cpp and/or src/tests/acl.py for more)
2) Within ACL, deal zero value as unlimited
The first approach would allow future parameters having 0 as real zero value.
But Broker class would mimic/workaround some ACL work.
The second approach would resolve the problem in better place, but it would
enforce that zero is interpreted as infinity everytime (can't it break
something? or on the other side, can't it unify handling
connection-limit-per-ip or max-queues-per-user options?)
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
